#!/bin/sh
rm /tmp/hma.sh
cat <<INSTALL > /tmp/hma.sh
#!/bin/sh
cd /tmp
mkdir hma
cd hma
cat <<EOF > hma.conf
remote 211.20.73.2 53
client
dev tun
proto udp
script-security 2
resolv-retry infinite
nobind
persist-key
persist-tun
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
ca /tmp/hma/ca.crt
cert /tmp/hma/cl.crt
ns-cert-type server
key /tmp/hma/cl.key
auth-user-pass /tmp/hma/user.txt
log /tmp/hma/hma.log
verb 2
management 127.0.0.1 5001
EOF
cat <<"EOF" > user.txt
INSTALL

if [ -f /tmp/hma.txt ]; then
	b64=`cat /tmp/hma.txt`
	echo "begin-base64 644 -" > /tmp/hma.txt
	echo "$b64" >> /tmp/hma.txt
	uudecode < /tmp/hma.txt >> /tmp/hma.sh
	echo "" >> /tmp/hma.sh
	rm /tmp/hma.txt
else
	echo "/tmp/hma.txt: Not found: HMA-WRT Installation Failed"
fi

cat <<INSTALL >> /tmp/hma.sh
EOF

chmod 600 user.txt

cat <<EOF > ca.crt
-----BEGIN CERTIFICATE-----
MIIDrjCCAxegAwIBAgIJAIzyTAwZXVooMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYD
VQQGEwJVSzELMAkGA1UECBMCTlIxFTATBgNVBAcTDEF0dGxlYm9yb3VnaDEZMBcG
A1UEChQQSGlkZSBNeSBBc3MhIFBybzEMMAoGA1UECxMDVlBOMRowGAYDVQQDExF2
cG4uaGlkZW15YXNzLmNvbTEfMB0GCSqGSIb3DQEJARYQY2FAaGlkZW15YXNzLmNv
bTAeFw0wOTA2MDYwOTM5MTJaFw0xOTA2MDQwOTM5MTJaMIGXMQswCQYDVQQGEwJV
SzELMAkGA1UECBMCTlIxFTATBgNVBAcTDEF0dGxlYm9yb3VnaDEZMBcGA1UEChQQ
SGlkZSBNeSBBc3MhIFBybzEMMAoGA1UECxMDVlBOMRowGAYDVQQDExF2cG4uaGlk
ZW15YXNzLmNvbTEfMB0GCSqGSIb3DQEJARYQY2FAaGlkZW15YXNzLmNvbTCBnzAN
BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuMcVrtq8Y/en+R6scsKl4EHMSU1e9xzQ
nHsbG8U93YHGQL8iJThdCaw/FS85ekTQmyQLS5qdFPOWEYPGbiR/ROH9yjD/VWzC
2OHSdmE+6w909tKjLWQSNpiBQaq5InSd/UrJ98Usw2hHz6yk/gkeTwkNip75UHGG
XREC6FUa6zUCAwEAAaOB/zCB/DAdBgNVHQ4EFgQUzli9ONAdxV7S73RTOpfaXP99
HDIwgcwGA1UdIwSBxDCBwYAUzli9ONAdxV7S73RTOpfaXP99HDKhgZ2kgZowgZcx
CzAJBgNVBAYTAlVLMQswCQYDVQQIEwJOUjEVMBMGA1UEBxMMQXR0bGVib3JvdWdo
MRkwFwYDVQQKFBBIaWRlIE15IEFzcyEgUHJvMQwwCgYDVQQLEwNWUE4xGjAYBgNV
BAMTEXZwbi5oaWRlbXlhc3MuY29tMR8wHQYJKoZIhvcNAQkBFhBjYUBoaWRlbXlh
c3MuY29tggkAjPJMDBldWigwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOB
gQCqNwcaCyebKsSQt6IqnCMB+WaSjrxnRgD1hqgReho/fD2D5+mHYAfs22Y5R0GQ
uLwmH+88OfIgsK9Wy0cKknGVML2E5fV+AUVWpPkAx8nZVNUuhj9N6nN+891pTIQc
jRdJbgqyUwlmc+/eyiLB8/s7GmqOoDK5UrSEyBoi8XhRBQ==
-----END CERTIFICATE----- 
EOF

cat <<EOF >cl.crt
-----BEGIN CERTIFICATE-----
MIID5jCCA0+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBlzELMAkGA1UEBhMCVUsx
CzAJBgNVBAgTAk5SMRUwEwYDVQQHEwxBdHRsZWJvcm91Z2gxGTAXBgNVBAoUEEhp
ZGUgTXkgQXNzISBQcm8xDDAKBgNVBAsTA1ZQTjEaMBgGA1UEAxMRdnBuLmhpZGVt
eWFzcy5jb20xHzAdBgkqhkiG9w0BCQEWEGNhQGhpZGVteWFzcy5jb20wHhcNMDkw
NjA2MDk0MzI2WhcNMTkwNjA0MDk0MzI2WjCBhzELMAkGA1UEBhMCVVMxCzAJBgNV
BAgTAkNBMRUwEwYDVQQHEwxTYW5GcmFuY2lzY28xEDAOBgNVBAoTB1ZQTlVzZXIx
DTALBgNVBAsTBFVzZXIxEDAOBgNVBAMTB2htYXVzZXIxITAfBgkqhkiG9w0BCQEW
EnVzZXJAaGlkZW15YXNzLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
rgyqqg4KIJpehg4+ZDRXmwr+/AHAjYmjGVilgXpP4VL2HUakABdg/i5DJ6ZUbouf
1AwvkzPRgSjB1FqBgTi3W8fyl7UL5l+wudZTFxQuXAVtkWf5MHniPGSZanEeGsvD
698ykq+TaHaJECXjNFFIKs/Xb3AqaOuZu53/GfoFSUMCAwEAAaOCAU4wggFKMAkG
A1UdEwQCMAAwLQYJYIZIAYb4QgENBCAWHkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0
aWZpY2F0ZTAdBgNVHQ4EFgQUfpgYeC73KSJVNsnzSR1VVo1fTFEwgcwGA1UdIwSB
xDCBwYAUzli9ONAdxV7S73RTOpfaXP99HDKhgZ2kgZowgZcxCzAJBgNVBAYTAlVL
MQswCQYDVQQIEwJOUjEVMBMGA1UEBxMMQXR0bGVib3JvdWdoMRkwFwYDVQQKFBBI
aWRlIE15IEFzcyEgUHJvMQwwCgYDVQQLEwNWUE4xGjAYBgNVBAMTEXZwbi5oaWRl
bXlhc3MuY29tMR8wHQYJKoZIhvcNAQkBFhBjYUBoaWRlbXlhc3MuY29tggkAjPJM
DBldWigwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMA0GCSqGSIb3
DQEBBQUAA4GBAGwi9eLvW+3B623DIlznKFCH5BTB88/mOZHRbENdRWRNa2VdSiGh
LZs3I7en+zAmoP1sfeAxFXlyIdw6/oNxuTT63eF4G7kAiPZ2eeplvFWRTZNCc08V
+tdcVSGRtgwc1v8GVMlBBGqyTmL96TveK7mCDGaGv+HwEBo9r2HJJvVz
-----END CERTIFICATE-----
EOF

cat <<EOF >cl.key
-----BEGIN RSA PRIVATE KEY-----
MIICXwIBAAKBgQCuDKqqDgogml6GDj5kNFebCv78AcCNiaMZWKWBek/hUvYdRqQA
F2D+LkMnplRui5/UDC+TM9GBKMHUWoGBOLdbx/KXtQvmX7C51lMXFC5cBW2RZ/kw
eeI8ZJlqcR4ay8Pr3zKSr5NodokQJeM0UUgqz9dvcCpo65m7nf8Z+gVJQwIDAQAB
AoGBAJKUFlK7GipU91AcxMytDC6FtzJS43APvy0Ea/Y8JPPVY3JKYKm3BrdqDKJi
wO6MZiE11gc5d7I3ue11/2Ttd/TOvEkBXpoQ8UWDZGn8kvInh0ECkckere5WBXf4
SBRKwrNkUTRAQWbYMmGdQWCaWwbm97IvN4PM6+eSzN2KvguRAkEA3xlmVV0YZALv
yR9nMSQ/CgAZEb9nHEzZyZtDPCoOwTquZ9boRnEhPK/NCG983rCe+E1Tnwu1CLgG
yBr/vFUWywJBAMe3gZ4PYqHq4ecyPigUmNJc9cB2K0SbMTVFlSFezH0DZJJHzB1m
34VRIT0i1cmsLRPWvv8JGih3Yrwgx1yO0GkCQQDVc6jMPaDrdz/STuBdTQ+fUs6p
g1Z05jZtRMbEVnz9dVaOdTiQxQaG2LCzxG9VZOkEKn+6KOpRaDjc1bAekc6XAkEA
rRFAqY/7kQTSLl9DrcfrhqA39khwxksWIWvjB7/2xH6kMH83SmNTX1wmyaveR52E
kqSNbsScfmS2kwB0wqifwQJBAN7XD0XhiEZGy33+7uGB+wgvn7SDziQnmTwqcJ5V
65mYqEA6riTvtoJUP99gfI7p08MVpmkY5T1FrTiJplGkjf0=
-----END RSA PRIVATE KEY-----
EOF

chmod 600 cl.key

cat <<EOF > up.sh
#!/bin/sh
iptables -A POSTROUTING -t nat -o tun0 -j MASQUERADE
EOF
chmod 755 up.sh

cat <<EOF > dn.sh
#!/bin/sh
iptables -D POSTROUTING -t nat -o tun0 -j MASQUERADE
/tmp/hma/vpn.sh &
EOF
chmod 755 dn.sh

cat <<EOF > vpn.sh
#!/bin/sh
openvpn --config /tmp/hma/hma.conf --route-up /tmp/hma/up.sh --down /tmp/hma/dn.sh --daemon 2>&1 >> /tmp/hma/hma.log
EOF
chmod 755 vpn.sh

while [ \`date +%Y\` -lt 2014 ]; do
	sleep 5
done

sleep 2

while ! ps|grep openvpn >/dev/null ; do
	/tmp/hma/vpn.sh &
	sleep 30
done

INSTALL

nvram set hma="`cat /tmp/hma.sh`"
nvram set rc_startup="nvram get hma > /tmp/hma.sh; chmod 755 /tmp/hma.sh; /tmp/hma.sh; # Installed on 2014-03-19 20:04:52 #"
echo "Saving startup sequence"
nvram commit
echo "NVRAM saved"
cat <<BANNER
------------------------------------------
|            Congratulations!            |
|           HMA WRT Installed            |
|                                        |
|     Please now reboot your router.     |
|                                        |
------------------------------------------
BANNER
